Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI, CIA, and NSA: Don't Use Huawei Phones (cnbc.com)

Posted by BeauHD on from the heads-up dept.

The heads of six top U.S. intelligence agencies told the Senate Intelligence Committee on Tuesday they would not advise Americans to use products or services from Chinese smartphone maker Huawei. "The six -- including the heads of the CIA, FBI, NSA and the director of national intelligence -- first expressed their distrust of Apple-rival Huawei and fellow Chinese telecom company ZTE in reference to public servants and state agencies," reports CNBC. From the report: "We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage."

In a response, Huawei said that it "poses no greater cybersecurity risk than any ICT vendor." A spokesman said in a statement: "Huawei is aware of a range of U.S. government activities seemingly aimed at inhibiting Huawei's business in the U.S. market. Huawei is trusted by governments and customers in 170 countries worldwide and poses no greater cybersecurity risk than any ICT vendor, sharing as we do common global supply chains and production capabilities."

36 of 238 comments (clear)

  1. What about ICE? by Anonymous Coward · · Score: 3, Funny

    Immigration shouldn't use Chinese phones as they go after Mexican illegals on the order of our Russian controlled president.

  2. It smells more and more of protectionism by Anonymous Coward · · Score: 5, Insightful

    They are simply bypassing adding a barrier of entry which would be illegal by pretending they are a security risk. That could backfire a lot though, because so far only the US was caught with the hand in the malware cookie jar, and massively intercepting comms. That could turn around and bite the US in the ass, why trust anything including new computer plateform when it is spied upon NSA, subpoenaed even if server are not physically in the US, and most probably bugged to hell by the NSA ? Huawei was never caught red handed. The US and NSA was. By using this tactic , the US may remind OTHER countries who was the one governement which was caught doing what they pretend Huawei is doing....

    1. Re:It smells more and more of protectionism by Anonymous Coward · · Score: 4, Interesting

      Wrong!

      China swallowed some DoD traffic:

      https://arstechnica.com/inform...

      And Russia went after Google, Facebook, Apple, Microsoft, and financial institutions:

      https://arstechnica.com/inform...

      AC because of moderation

  3. Translation: by Anonymous Coward · · Score: 5, Insightful

    We've begged this company to allow backdoors in their products and they have refused, so please don't use their products, m'kay!

    1. Re:Translation: by ArhcAngel · · Score: 2, Interesting

      This is the most plausible explanation I have seen to the argument.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    2. Re:Translation: by Excelcia · · Score: 5, Interesting

      Let's take it as a given that Huawei does indeed have spyware/tracking hooks in their phones right down to the hardware level. Let's also take it as a given that the NSA, therefore, doesn't have hooks into those phones. What does that mean for us?

      Will Chinese authorities arrest someone in US, UK, or Canada if they find out someone here is doing a Google search for Al Qaeda on a Huawei phone? Unlikely. WIll they turn over GPS tracking of me to law enforcement?

      If I take it as a given that someone will be watching everything I do on my phone, I can't think of anyone I would rather have watching than a government that is antagonistic to the NSA.

      I know what my next handset will be.

    3. Re:Translation: by Archangel+Michael · · Score: 5, Insightful

      The scary thing is, we have all the evidence we need that they (The US Government) can spy on anyone they want. And they lie about it. And nothing happens when they do lie about it. Why anyone trusts anything they say is beyond me.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    4. Re:Translation: by outlaw · · Score: 2

      Indeed !

      AKA: We want to be the only ones who can spy on *our* citizens - and these bozos will not sign a reciprocity of data collection with us (5 eyes and all).

    5. Re:Translation: by Obfuscant · · Score: 3, Insightful

      Exactly. If you're doing something the Chinese government would be interested in, sure, I can see avoiding their stuff.

      Malware doesn't always have to be watching users and grabbing their data. They can also be getting hooks into the US wireless infrastructure.

      But if it is ok that the Chinese do watch everything you do, that's ok with me.

      it seems to me that using something one's own government hates is actually a good thing.

      So when the FDA or EPA bans something you run right out and start downing massive quantities because anything the FDA hates must be a good thing?

    6. Re:Translation: by Obfuscant · · Score: 2

      Let's take it as a given that Huawei does indeed have spyware/tracking hooks in their phones right down to the hardware level. Let's also take it as a given that the NSA, therefore, doesn't have hooks into those phones. What does that mean for us?

      It means that not only does NSA have the ability to track you, you're giving the Chinese the ability to do that, along with letting them have access to the wireless infrastructure from thousands of different places.

      The excuse that "A can do it, so why worry if B can do it, too?" is pretty silly.

      I can't think of anyone I would rather have watching than a government that is antagonistic to the NSA.

      Antagonistic to the USA. You're part of the target.

    7. Re:Translation: by Obfuscant · · Score: 2, Insightful

      Why anyone trusts anything they say is beyond me.

      It is pretty well accepted as fact that the Chinese manufacturers can insert all kinds of backdoors into the networking hardware they manufacture. The US government saying that a Chinese phone manufacturer can do that, too, does not take a real leap of faith.

      I've used Chinese-made network hardware that I've seen sending data back to an unidentified server in China. I don't doubt that a cell phone manufacturer might be able and willing to do the same. The difference is that it is trivial to install a firewall block on the server address for a piece of hardware on my network but impossible to install one on a cell phone using the cell network. (Before you say "root it, install cyanogen or similar open source, and install a firewall on your phone...", I'll point out that if the hardware is the culprit your software will not stop the communications.)

    8. Re:Translation: by tlhIngan · · Score: 2

      Exactly. If you're doing something the Chinese government would be interested in, sure, I can see avoiding their stuff. However, since most US citizens don't engage in anything that's of interest to a foreign power, it seems to me that using something one's own government hates is actually a good thing.

      Most Americans don't work? Because what most Americans do at work might be of interest to foreign nations. It's called industrial espionage, after all. Let's say you work at Tesla, on the line putting screw A into hole B all day. You think that might not be of interest to the Chinese? For starters, it can reveal production rate - how often are you putting screw A into hole B? Perhaps the sound of a machine in the background might be moderately interesting - knowing what production equipment is used.

      Perhaps you work at an engineering office. I'm sure the Chinese would like to know what you're building and overhearing your conversations with everyone else on the project. At the very least, they'd be interested in hearing about problems and maybe the solutions.

      Maybe you work at McD's, knowing the crowd and other things might be useful to judge patronage.

      Truth is, there is lots of proprietary information companies have, and sometimes, knowing you can make X widgets a day is valuable, or when you are busy, etc.

  4. Er, what are these "values"? by Archtech · · Score: 5, Insightful

    '"We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified'.

    I wonder if Mr Wray would care to state exactly what "our values" are. I suspect the reason why politicians (and make no mistake, the FBI Director is a politician first, last and foremost) never list "our values" is either because they have forgotten what they are supposed to be, or because they are afraid listeners would burst out laughing.

    Democracy? The USA was never meant to be a democracy - quite the contrary - and it is now definitely a plutocracy.
    Freedom? That depends, doesn't it - whose freedom to do what to whom?
    Freedom of speech? "It is by the goodness of God that in our country we have those three unspeakably precious things: freedom of speech, freedom of conscience, and the prudence never to practice either of them". - Mark Twain, Pudd'nhead Wilson's New Calendar, Ch. XX
    Freedom of assembly? Not anywhere near where any politicians are having a meeting, or anywhere the armed forces say you can't go.
    A free market? Everything is rigged, starting with interest rates and including the stock and bond markets.

    I could go on but I don't want to bore anyone.

    --
    I am sure that there are many other solipsists out there.
    1. Re:Er, what are these "values"? by sit1963nz · · Score: 2, Insightful

      Um it think those values are "We come in peace, shoot to kill" Lets face it, any country that will elect a sexual predator as its leader lacks any moral stance worth emulating.

    2. Re:Er, what are these "values"? by sit1963nz · · Score: 2

      The ONLY sacred right Americans care about is the right to own a gun. Everything thing else is up for sale.

  5. Well.... by Anonymous Coward · · Score: 4, Insightful

    Honestly, the Chinese government has no power or authority over me, so if that government took my data I'd mind a whole lot less than if it was my own government.

    I'm not really sure what the risk level is here for the average person while using a product from Huawei, it just doesn't seem any more significant than using Google, Facebook, Apple, or other tech company products that already surveil the hell out of you.

    1. Re:Well.... by Archangel+Michael · · Score: 2

      Technically, the powers of the US government are supposed to be limited too. After all, it is "We the People" that are supposed to have the power of governance.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    2. Re:Well.... by farble1670 · · Score: 3, Interesting

      Honestly, the Chinese government has no power or authority over me, so if that government took my data I'd mind a whole lot less than if it was my own government.

      So you won't mind if (chinese) hackers get your financial data and empty your bank account or charge up your cards?
      You don't mind if they get personal data and sell it off at a price to whoever wants it?
      You don't mind if they use it to perform corporate espionage, if you have work data on your device?

      If it was a US corporation doing something illegal, you'd have legal recourse (at least in theory). Here you do not.

      I think you need to think about that one a little harder.

  6. This fails the smell test by ArhcAngel · · Score: 4, Insightful

    By their logic we shouldn't be buying Lenovo, Motorola, Apple (Foxconn), or any of over a hundred other Chinese OEM's devices. The excuse that Apple controls the OS isn't even a solid argument as the firmware is still in the hands of the OEM and susceptible to tampering. There's something else pushing this narrative. Be interesting to find out what it is.

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    1. Re:This fails the smell test by ArhcAngel · · Score: 3, Interesting

      As AC posted above perhaps they refuse to allow a back door into the system. Everyone remembers when India threatened BlackBerry with banishment if they weren't allowed access.

      It's funny how everybody points to BlackBerry giving in to the pressure from India while completely ignoring the fact they were the ONLY company that publicly refused to give access in the first place.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
  7. How is Apple different here? by Narcocide · · Score: 3, Interesting

    Apple phones are still manufactured by a Chinese company. For that matter, how are these one line of Huawei phones different from literally every other phone manufactured in China to be sold worldwide, including in the US?

    What is special about this particular line of phones that they're not telling us?

  8. Goose, meet gander by Archtech · · Score: 4, Insightful

    Also, of course, if Americans are not to use Chinese devices in case the Chinese government spies on them - who (outside the USA) is going to want to use American devices?

    We know for sure that the US government systematically spies on Americans, and if they spy on Americans they certainly wouldn't baulk at spying on foreigners.

    So, goodbye all Apple sales to China, Russia, India, Europe, Africa, South America...

    --
    I am sure that there are many other solipsists out there.
    1. Re:Goose, meet gander by sit1963nz · · Score: 2

      96% of the worlds population live outside of the USA.

      Its won't take much for "USA First" to become "USA Alone"

  9. I don't get it by ilsaloving · · Score: 2

    I don't get this stance. Virtually *everything* used in North America comes from China. Even precious American darlings like Apple make all their stuff in China and ship it over.

    If the US gov't is so worried about Chinese influence, maybe they shouldn't have allowed the overwhelming majority of it's manufacturing capacity to be moved overseas?

    1. Re:I don't get it by AHuxley · · Score: 2

      Re 'manufacturing capacity to be moved overseas?",
      Its not the overseas part the NSA is worried about. Its access to all the US domestic telco systems. Telco systems all over the USA next to U mil sites, ports, bases, production lines. A next gen real time collection network next to a US base for free.
      Think of the way the NSA and GCHQ did global collect it all.
      The sites and telco rooms the NSA needs to collect on all domestic and international networks all over the USA.

      That needs NSA contractors able to walk into and upgrade in very secure private sector US telco areas without comment, question at any time of the day all over the USA.
      Once a telco gets to be a big brand they too can walk in and do tech things to some of their huge US domestic networks.
      Some domestic telco networks are very near the most sensitive US mil site, production lines.
      The NSA, GCHQ understand US encryption standards and can get everything in real time without any extra decryption effort.
      Every time a trusted US brand upgrades the NSA is ready to collect on their next gen tech.
      No questions, legal problems, no tech challenges, no new crypto. Collection all over the USA just works.
      The US can spy on its gov and mil workers, contractors too. Around every mil camp, fort, base, station, port. What web sites they look at, who they spend time with.
      Great for finding spies, people talking to the media, people of faith, dual citizens more loyal to another nation who should only be working for the US gov.

      Imagine all that been done to the USA by another nation for free as part of their very low cost consumer network.
      Tracking a US mil officer all over their base all shift. Then all around town away from base. The cafe, restaurant, gym, hobbies they enjoy when not at work, on duty.
      A human spy can then start up a friendship with the same interests and at the perfect time.
      No need for strangers to be around sensitive US mil and contractors sites a lot looking for shift changes trying to talk and make friends.

      What the US and UK gov/mil then later NSA and GCHQ had for billions in spy tech from the 1930-90's can now be replicated in the USA by other nations.
      The US never planned for site security in the way other nations had to as the NSA always thought it would be always be geographically secure within the USA.
      What made collection so easy globally and all over the US was just expected to stay as a US only method.
      Other nations have to secure their sites and have total communications security as the NSA and GCHQ is always ready.
      The US is still in the big Soviet spy ship and Soviet look down space platform level of security. The stranger with a big zoom camera near the base.
      Security for the USA is distance away from a spy ship and under cover. Now other nations can telco collect everything around any US base, factory, mil site, all the contractors walking around all day and night all over the USA.

      The US is not ready for a security change domestically so all it can do is stop other nations getting telco US wide domestic access. That distance from other nations collection methods will restore US base and factory security again.
      With no low cost telco collection deep in the USA, the USA is secure again.

      --
      Domestic spying is now "Benign Information Gathering"
  10. Unfair competition? by NuclearCat · · Score: 5, Insightful

    *sniff sniff*, smells like bullshit.
    Isn't such agencies should come up with solid proof first, before accusing anyone? Or they became oligarch/multinationals mercenary - like law enforcement agencies in Putin Russia?
    What if China cut, in retaliation, and in their traditions - much more harsh way, Apple? 1/4-1/3 of profit gone? (and other countries might enjoy following trend)

  11. It's simple by RightwingNutjob · · Score: 2

    Most people in their late 40s and 50s, which is how old you need to be to bubble up to the top in just about any large organization, came of age in the late 80s and early 90s when China was a backwater, Russia was a third-world country, and all the cutting-edge good stuff was being manufactured by companies like IBM in places like Lexington, Kentucky.

    For much of the late 90s and 2000s, and even into today, that continued to be true for most (if not all) military electronics. A lot of laws and regulations that defense contractors and government labs follow are still written like that's the reality for all of tech. To an extent, that sustains a small advanced electronics echosystem here.

    Problem is, that stopped being true for consumer electronics a long time ago, and more advanced and backend equipment is following in those footsteps, because guess what: twenty years of growth in making cheap shit over there pumps money and builds up expertise and a manufacturing echosystem over there. At the expense of the one here, I might add. The guys sounding the alarm in TFA are just realizing the scope of the problem because it's coming to get them where they live: government IT security by way of trusted suppliers.

    It's not hypocrisy. It's just government stupidity by way of institutional inertia and obliviousness to the market environment.

  12. Legitimate security concern or something else? by WolfgangVL · · Score: 4, Insightful

    FBI, CIA, NSA: Encryption bad! Spying good! Privacy bad!

    They almost got it right. I'll fix it.

    "We're deeply concerned about the risks of allowing any company or entity that is beholden to ANY government, as NONE OF THEM share our values, to gain positions of power inside our telecommunications networks," FBI Director Chris Wray should have testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray should have said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage that is currently only OK for Uncle Sam and his secret courts"

    --
    You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
  13. Re:Apple (Focxonn) okay? by Anonymous Coward · · Score: 2, Informative

    You do know Foxconn is Taiwanese. They aren't exactly keen on being subservient to the Chinese government.

  14. Re:Huawei isn't an Apple rival. by thegarbz · · Score: 3, Insightful

    Just because someone has their own ecosystem doesn't mean they aren't competing with single vendors from other ecosystems.

  15. I'm going to be off-topic and pedantic by raymorris · · Score: 2

    I'm going to be off-topic and pedantic here.

    > Russia was a third-world country

    The definition of second world was "the USSR and its allies".
    First world is NATO (US and allies).
    Third world is countries not aligned with either major power, often because they weren't significant enough to make a big difference anyway, so they weren't courted by either the US or USSR.

  16. Re:Apple (Focxonn) okay? by AK+Marc · · Score: 5, Insightful

    US officially operates under a One China policy, where Beijing is recognized, but Taiwan isn't. And China considers Taiwan to be an autonomous region, like Hong Kong and Macau. And Foxconn is operating in China, so are subject to the laws and practices of China. One should assume that Foxconn is a Chinese company.

    Though, I have no idea why Huawei is targeted. They have no official ties to the China government, and, unlike Cisco, have never put in a backdoor for government control. I'd be much more worried about American companies. The government has requested backdoors publicly, and privately, and there have been some confirmed and found. It does not matter that they are intended for US operatives only, once they are in, they can be compromised by others.

    I guess it's just plain racism. China bad. America good.

    --
    Learn to love Alaska
  17. Re:Apple (Focxonn) okay? by Bing+Tsher+E · · Score: 5, Insightful

    Though, I have no idea why Huawei is targeted. They have no official ties to the China government, and, unlike Cisco, have never put in a backdoor for government control.

    Ding ding ding. The NSA wants a back door that they control in every phone.

  18. Re:Apple (Focxonn) okay? by darthsilun · · Score: 2

    You do know Foxconn is Taiwanese. They aren't exactly keen on being subservient to the Chinese government.

    Foxconn may be Taiwan-based, but Apple iPhones are assembles at their factories in mainland China.

    I imagine that Foxconn is at the mercy of the PRC government for permission to do anything: e.g. build factories, employ people, etc.

  19. They got caught. [Re:Apple (Focxonn) okay?] by XXongo · · Score: 3, Informative

    Though, I have no idea why Huawei is targeted.

    Because they have been caught installing spyware in the firmware.

    http://www.news18.com/news/tech/xiaomi-lenovo-huawei-smartphones-found-pre-installed-with-spyware-1087415.html

    Their response was "oh, that wasn't us, it was somebody else."

  20. Re: Apple (Focxonn) okay? by Anonymous Coward · · Score: 5, Informative

    Did you just wake up from a coma?

    https://www.infoworld.com/article/2608141/internet-privacy/snowden--the-nsa-planted-backdoors-in-cisco-products.html
    https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
    https://www.wired.com/2013/09/nsa-router-hacking/